Release Date: 03 JUNE 2008
Document Last Updated: 03 JUNE 2008
|Product Versions||ESX Server 3.5|
|Patch Classification|| Security|
|Virtual Machine Migration or Reboot Required||No|
|ESX Server Host Reboot Required||No|
|Related CVE numbers||CVE-2008-0967|
Summaries and Symptoms
This update fixes a security issue related to local exploitation of an untrusted library path vulnerability in vmware-authd. In order to exploit this vulnerability, an attacker must have local access and the ability to execute the set-uid vmware-authd binary on an affected system. Exploitation of this flaw might result in arbitrary code execution on the Linux host system by an unprivileged user.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-0967
to this issue.
None beyond the required patch bundles listed in the table, above.
Based on VMware KB 1004170